The U.S. Department of Justice has today released a redacted copy of Special Counsel Robert S. Mueller III’s “Report on the Investigation Into Russian Interference In The 2016 Presidential Election.” Unfortunately, as released, one cannot search the 448-page report for key words or phrases of interest. I have created a searchable copy that you can download here (133 MB PDF).

In December 2017, I wrote a post about how to use Quad9 DNS resolution with Algo VPN, a free and open-source project by Trail of Bits that lets you easily set up your own non-logging VPN server.

My earlier tutorial no longer works with versions of Algo VPN since 25 April 2018, when the Algo VPN code base was changed to enforce encrypted DNS lookups (and five days later, WireGuard support was added, yay!). By default, Algo now uses Cloudflare’s secure DNS lookup. Quad9, which I prefer because of its option to block known malicious sites, implemented DNS over HTTPS in October 2018, and you can now use it with Algo VPN instead of Cloudflare if you like. I will provide step-by-step instruction on how to do this below.

Bear in mind that for these instructions to work, you must be using an Algo installation made with the code base since the April 2018 revision implementing secure DNS lookup:

After upgrading an instance of NextCloudPi from version 13 to version 14, I received the following error notification:

In short, the table “oc_share” was missing the index “parent_index” and the table “oc_filecache” was missing the index “fs_mtime”.

I tried SSH-ing to my NextCloudPi server and running the suggested command, “occ db:add-missing-indices” but it generated an error.

Despite the missing database entries, the instance still seemed to run fine, but I found the constant error message vexing.

After some online research and examination of my NextCloudPi instance’s directory structure, I found the following solution, and not seeing it posted elsewhere, thought I’d share it here:

1. SSH to your NextCloudPi instance.

2. Get a root prompt by entering:

sudo bash

3. Go up to the root directory by typing the following command twice (or as many times as necessary):

cd ../

4. Switch to the nextcloud directory:

cd /var/www/nextcloud

5. Run the following command:

sudo -u www-data php occ db:add-missing-indices

6. You should receive something like the following prompts (which I received):

Check indices of the share table.
Adding additional parent index to the share table, this can take some time...
Share table updated successfully.
Adding additional mtime index to the filecache table, this can take some time...
Filecache table updated successfully.

7. That’s all! Type “exit” and hit enter to terminate the SSH session. The error message should no longer appear.

In Persian, a commercial product that is unopened and in its original packaging is described as being آکبند. I encountered this word for the first time in an article on Iranian tech website Digiato about restrictions on returning travelers bringing mobile phones into Iran, in the following context:

In a post on 1Doost.com, Nooshin Mohammad Ali provides what seems to me to be a dubious folk etymology, claiming (while citing no source) that it’s derived from the English “UK Band” which supposedly was printed on ribbons wrapped around British goods arriving at the port of Abadan before the 1979 Islamic Revolution.

An interesting but ultimately inconclusive discussion of the etymology of آکبند extracted from the Adabiyat listserv appears on The Iranianhere.

Algo VPN is an open source project from computer security firm Trail of Bits. It facilitates the creation of a non-logging (and optionally ad-blocking) virtual private network (VPN) on a virtual private server (VPS). I’ve been using Algo VPN for a couple months and am pleased with it’s performance, particularly on Apple devices, which natively support the IKEv2 protocol implemented by Algo VPN.

By default, Algo VPN uses Google’s domain name resolution (DNS) servers (8.8.8.8 and 8.8.4.4). Recently, I heard about an alternative, non-profit DNS service called Quad9 (9.9.9.9) that has some attractive features. In particular, Quad9 blocks known malicious domains, collects no personally-identifiable information, and does not store the IP addresses of end users to disk. Steve Gibson spoke about Quad9 in episode 638 of his weekly Security Now podcast.

Perhaps in the future, Algo VPN will offer Quad9 as an alternative to Google’s DNS servers. But until such time, and for already existing installations, here’s how you can point your Algo VPN server to Quad9’s DNS servers:

1. SSH to your Algo server via your terminal app:

ssh root@ip -i ~/.ssh/algo.pem

2. Open /etc/dnsmasq.conf for editing:

nano /etc/dnsmasq.conf

3. Find the lines:

server=8.8.8.8
server=8.8.4.4

4. Replace with (the second line, not originally included here, is Quad9’s secondary IPv4 address; thanks to commenter “c.” for noting this):

server=9.9.9.9
server=149.112.112.112

5. Hit Control-X to exit, choosing Y to save and keeping the same file name.

6. Type reboot at the command line to reboot.

That’s all! Your Algo VPN server will now use Quad9 for DNS resolution.

U.S. president Donald J. Trump devotes a great deal of time to Twitter. Have you ever wondered what he sees on Twitter? I did, so I created the “Twitter Through Trump’s Eyes” public list that includes the President’s own tweets along with those of the 45 Twitter accounts that he follows. I will keep this list updated as necessary. You don’t need to have a Twitter account to view. Clicking on the image below will take you to the list.

Recently, the question of how best to translate the English phrase “including, but not limited to” has crossed my desk. Google Translate offers از جمله، اما نه محدود به which seems quite good, and I’ve found an example of its use (multiple times) on a webpage of Iran’s Islamic Parliament Research Center, where the “but not limited to” part is placed in parentheses از جمله (اما نه محدود به). The same page sometimes uses شامل instead of از جمله.

If you are using the Enigmail security add-on for Mozilla Thunderbird under Ubuntu Linux, you may have recently discovered (as I did today) that it no longer works with the version of GnuPG that you have installed, and that you need to upgrade. But it’s not evident how to do this, as there is no GnuPG update available in the Ubuntu Software Center.

Fortunately, there is an easy way to upgrade Ubuntu to GnuPG 2. Just open a terminal and type:

On the evening of Monday, 15 February 2016, Iran’s television channel 3 aired a 13-minute report titled “The Rules of the Game” (in Persian, قاعده بازی) about the 17 January 2016 prisoner swap between Iran and the United States, arguing that the exchange was a victory for Iran and a loss for the United States. The program, produced by the “General Administration for Analytical and Documentary Programming” (اداره کل برنامه‌های تحلیلی و مستند) contends that the settlement of a longstanding property dispute between Iran and the United States was linked to the prisoner exchange, reporting among other things that on the day of the exchange, the U.S. flew $400 million in cash to Tehran’s Mehrabad Airport.

The following is a rough translation of the report that I have prepared. Comments are welcome.